CVE Vulnerability

CVE-2007-6744

Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended application during certain signature operations involving .spc and .pvk files, which might allow local users to obtain sensitive information via unspecified vectors, related to an incorrect interaction between InstallShield and Signcode.exe.

2.1 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://kb.flexerasoftware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=Installation-InstallShield-InstallShield2008Premier-Public-ProductInfo-IS2008PremProReleaseNotes2pdf&sliceId=pdfPage_42
Configurations

Configuration 1

cpe:2.3:a:flexerasoftware:installshield:10.5:*:*:*:*:*:*:*
cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*
cpe:2.3:a:flexerasoftware:installshield:11.5:*:*:*:*:*:*:*
cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*
cpe:2.3:a:flexerasoftware:installshield:11:*:*:*:*:*:*:*
cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*
cpe:2.3:a:flexerasoftware:installshield:*:*:*:*:*:*:*:*
Information

Published : 2012-01-19 07:55

Updated : 2012-01-20 05:00

NVD link : CVE-2007-6744

Mitre link : CVE-2007-6744

Products Affected
No products.
CWE
CWE-200